[Apollo] Advisories Statistics light light Login

RLSA-2024:8127

Security Mirrored from RHSA-2024:8127
Issued at: 2024-10-25
Updated at: 2024-10-25

Synopsis

Moderate: java-21-openjdk security update



Description

The OpenJDK 21 runtime environment.

Security Fix(es):

* giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function (CVE-2023-48161)

* JDK: Array indexing integer overflow (8328544) (CVE-2024-21210)

* JDK: HTTP client improper handling of maxHeaderSize (8328286) (CVE-2024-21208)

* JDK: Unbounded allocation leads to out-of-memory error (8331446) (CVE-2024-21217)

* JDK: Integer conversion error leads to incorrect range check (8332644) (CVE-2024-21235)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64 Rocky Linux 9 aarch64 Rocky Linux 9 ppc64le Rocky Linux 9 s390x Rocky Linux 9 x86_64

Fixes

2251025 2318524 2318526 2318530 2318534

CVEs

CVE-2023-48161 CVE-2024-21208 CVE-2024-21210 CVE-2024-21217 CVE-2024-21235

Affected packages

Rocky Linux 8 aarch64 - AppStream

java-21-openjdk-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-1:21.0.5.0.10-3.el8.src.rpm java-21-openjdk-debuginfo-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-debugsource-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-demo-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-devel-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-devel-debuginfo-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-headless-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-headless-debuginfo-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-javadoc-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-javadoc-zip-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-jmods-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-src-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-static-libs-1:21.0.5.0.10-3.el8.aarch64.rpm

Rocky Linux 9 aarch64 - AppStream

java-21-openjdk-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-1:21.0.5.0.10-3.el9.src.rpm java-21-openjdk-debuginfo-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-debugsource-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-demo-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-devel-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-devel-debuginfo-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-headless-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-headless-debuginfo-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-javadoc-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-javadoc-zip-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-jmods-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-src-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-static-libs-1:21.0.5.0.10-3.el9.aarch64.rpm

Rocky Linux 9 ppc64le - AppStream

java-21-openjdk-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-1:21.0.5.0.10-3.el9.src.rpm java-21-openjdk-debuginfo-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-debugsource-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-demo-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-devel-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-devel-debuginfo-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-headless-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-headless-debuginfo-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-javadoc-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-javadoc-zip-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-jmods-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-src-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-static-libs-1:21.0.5.0.10-3.el9.ppc64le.rpm

Rocky Linux 9 s390x - AppStream

java-21-openjdk-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-1:21.0.5.0.10-3.el9.src.rpm java-21-openjdk-debuginfo-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-debugsource-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-demo-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-devel-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-devel-debuginfo-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-headless-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-headless-debuginfo-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-javadoc-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-javadoc-zip-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-jmods-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-src-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-static-libs-1:21.0.5.0.10-3.el9.s390x.rpm

Rocky Linux 8 x86_64 - AppStream

java-21-openjdk-1:21.0.5.0.10-3.el8.src.rpm java-21-openjdk-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-debuginfo-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-debugsource-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-demo-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-devel-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-devel-debuginfo-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-headless-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-headless-debuginfo-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-javadoc-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-javadoc-zip-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-jmods-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-src-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-static-libs-1:21.0.5.0.10-3.el8.x86_64.rpm

Rocky Linux 9 x86_64 - CRB

java-21-openjdk-1:21.0.5.0.10-3.el9.src.rpm java-21-openjdk-demo-fastdebug-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-demo-slowdebug-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-devel-fastdebug-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-devel-fastdebug-debuginfo-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-devel-slowdebug-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-devel-slowdebug-debuginfo-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-fastdebug-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-fastdebug-debuginfo-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-headless-fastdebug-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-headless-fastdebug-debuginfo-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-headless-slowdebug-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-headless-slowdebug-debuginfo-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-jmods-fastdebug-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-jmods-slowdebug-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-slowdebug-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-slowdebug-debuginfo-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-src-fastdebug-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-src-slowdebug-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-static-libs-fastdebug-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-static-libs-slowdebug-1:21.0.5.0.10-3.el9.x86_64.rpm

Rocky Linux 9 x86_64 - AppStream

java-21-openjdk-1:21.0.5.0.10-3.el9.src.rpm java-21-openjdk-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-debuginfo-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-debugsource-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-demo-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-devel-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-devel-debuginfo-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-headless-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-headless-debuginfo-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-javadoc-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-javadoc-zip-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-jmods-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-src-1:21.0.5.0.10-3.el9.x86_64.rpm java-21-openjdk-static-libs-1:21.0.5.0.10-3.el9.x86_64.rpm

Rocky Linux 9 aarch64 - CRB

java-21-openjdk-1:21.0.5.0.10-3.el9.src.rpm java-21-openjdk-demo-fastdebug-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-demo-slowdebug-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-devel-fastdebug-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-devel-fastdebug-debuginfo-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-devel-slowdebug-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-devel-slowdebug-debuginfo-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-fastdebug-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-fastdebug-debuginfo-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-headless-fastdebug-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-headless-fastdebug-debuginfo-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-headless-slowdebug-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-headless-slowdebug-debuginfo-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-jmods-fastdebug-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-jmods-slowdebug-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-slowdebug-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-slowdebug-debuginfo-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-src-fastdebug-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-src-slowdebug-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-static-libs-fastdebug-1:21.0.5.0.10-3.el9.aarch64.rpm java-21-openjdk-static-libs-slowdebug-1:21.0.5.0.10-3.el9.aarch64.rpm

Rocky Linux 9 s390x - CRB

java-21-openjdk-1:21.0.5.0.10-3.el9.src.rpm java-21-openjdk-demo-slowdebug-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-devel-slowdebug-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-devel-slowdebug-debuginfo-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-headless-slowdebug-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-headless-slowdebug-debuginfo-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-jmods-slowdebug-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-slowdebug-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-slowdebug-debuginfo-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-src-slowdebug-1:21.0.5.0.10-3.el9.s390x.rpm java-21-openjdk-static-libs-slowdebug-1:21.0.5.0.10-3.el9.s390x.rpm

Rocky Linux 9 ppc64le - CRB

java-21-openjdk-1:21.0.5.0.10-3.el9.src.rpm java-21-openjdk-demo-fastdebug-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-demo-slowdebug-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-devel-fastdebug-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-devel-fastdebug-debuginfo-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-devel-slowdebug-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-devel-slowdebug-debuginfo-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-fastdebug-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-fastdebug-debuginfo-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-headless-fastdebug-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-headless-fastdebug-debuginfo-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-headless-slowdebug-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-headless-slowdebug-debuginfo-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-jmods-fastdebug-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-jmods-slowdebug-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-slowdebug-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-slowdebug-debuginfo-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-src-fastdebug-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-src-slowdebug-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-static-libs-fastdebug-1:21.0.5.0.10-3.el9.ppc64le.rpm java-21-openjdk-static-libs-slowdebug-1:21.0.5.0.10-3.el9.ppc64le.rpm

Rocky Linux 8 aarch64 - PowerTools

java-21-openjdk-demo-fastdebug-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-demo-slowdebug-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-devel-fastdebug-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-devel-fastdebug-debuginfo-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-devel-slowdebug-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-devel-slowdebug-debuginfo-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-fastdebug-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-fastdebug-debuginfo-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-headless-fastdebug-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-headless-fastdebug-debuginfo-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-headless-slowdebug-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-headless-slowdebug-debuginfo-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-jmods-fastdebug-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-jmods-slowdebug-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-slowdebug-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-slowdebug-debuginfo-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-src-fastdebug-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-src-slowdebug-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-static-libs-fastdebug-1:21.0.5.0.10-3.el8.aarch64.rpm java-21-openjdk-static-libs-slowdebug-1:21.0.5.0.10-3.el8.aarch64.rpm

Rocky Linux 8 x86_64 - PowerTools

java-21-openjdk-demo-fastdebug-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-demo-slowdebug-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-devel-fastdebug-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-devel-fastdebug-debuginfo-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-devel-slowdebug-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-devel-slowdebug-debuginfo-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-fastdebug-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-fastdebug-debuginfo-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-headless-fastdebug-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-headless-fastdebug-debuginfo-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-headless-slowdebug-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-headless-slowdebug-debuginfo-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-jmods-fastdebug-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-jmods-slowdebug-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-slowdebug-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-slowdebug-debuginfo-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-src-fastdebug-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-src-slowdebug-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-static-libs-fastdebug-1:21.0.5.0.10-3.el8.x86_64.rpm java-21-openjdk-static-libs-slowdebug-1:21.0.5.0.10-3.el8.x86_64.rpm